Enterprises Can Benefit from ICSA Labs Advanced Threat Defense Testing
January 7, 2016
By Jack Walsh

As threats change, security product vendors hurry to keep pace.  Enterprises wonder whether commercial advanced threat defense (ATD) solutions will be able to keep up with the ever-evolving threatscape.

One answer to this question is the result of regularly recurring testing with new malicious threats performed by an independent, ISO-accredited test lab, such as ICSA Labs.  While vendors register and pay for ICSA Labs testing, all enterprises can view the test results from this and all ICSA Labs testing for free on the ICSA Labs website.

ICSA Labs recently completed five weeks of testing during its initial round of ATD certification testing. Fortinet, Inc., Advanced Threat Protection Framework.; Symantec Advanced Threat Protection; and Trend Micro Deep Discovery™ Inspector became the first products to earn ICSA Labs’ Advanced Threat Defense Certification. Shortly thereafter Palo Alto Networks WildFire™ also attained certification. The next test cycle will begin in mid-January 2016.

Enterprises should look for results from this upcoming test cycle to be released toward the end of March*.

During each test cycle ATD solutions are tested using the latest unknown and little-known malicious threats that ICSA Labs harvests from a variety of sources.  In that way enterprises can see how well ATD solutions handle previously unknown malicious threats. Refer to the previous blog post to learn more about the sources of malicious threats used in testing.

Examples of what enterprises will find in the reports are below:

Figure 1.

Figure 1 sheds light on how effective an ATD solution was at handling malicious samples less than 24 hours old.  Vendor solutions that attained certification did very well with new threats less than two hours old.

Figure 2. 

Figure 2 shows the percentage of malicious samples an ATD solution detected and the percentage that it did not detect each day during a 21-day test cycle.  Tested vendor solutions that attained certification were consistent for the most part throughout the test cycle in terms of their ability to detect new threats.

*Vendors with an advanced threat defense solution that are interested in participating and that have yet to register for testing may do so by contacting ICSA Labs’ Senior Account Manager, Harry Brittain, at hbrittain@icsalabs.com.  Those that already participated in the initial round will automatically be part of this and the next few test cycles. ICSA Labs intends to perform recurring ATD testing on a quarterly basis. 

 

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.